package com.bingbaihanji.core.controller;

import com.bingbaihanji.core.pojo.User;
import com.bingbaihanji.core.service.impl.MyUserDetailServiceImpl;
import jakarta.annotation.Resource;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;


@RestController
@RequestMapping("/user")
public class MyController {

    @Resource
    private MyUserDetailServiceImpl userService;


    @GetMapping("/list")
    @PreAuthorize("hasRole('ADMIN')")
    public List<User> getlist() {
        return userService.list();
    }

    @GetMapping("/del")
//    @Secured({"ROLE_admin"})
    @PreAuthorize("hasRole('ADMIN')")
    public String testDel() {
        return "删除成功！";
    }


    @GetMapping("/add")
    @PreAuthorize("hasRole('ADMIN')")
    public String testNotPermissions() {
        return "添加成功！";
    }
}
